If you’re preparing to take your business online, you’ll need to secure your website through an SSL (Secure Sockets Layer) certificate. The digital certificate authenticates your site’s identity and protects customers’ sensitive information by encrypting it.
SSL is a stamp of trust that gives visitors to your website the confidence to provide their personal information or make a purchase.
This small business guide to SSL certificates talks about the different types of SSL certificates for small business websites, helps you understand which one is likely to work best for your business, and provides latest news on SSL providers.
First, let’s take a quick look at the benefits of buying an SSL certificate:
- Present a professional face/image. Certification Authorities have a responsibility to issue SSL Certificates to legitimate companies. They have stringent validation processes in place to ensure that the company owns or has a legal right to use the domain name, and that it is a legally accountable entity.
- Enhances visitor loyalty. If your customers are required to sign in to their account on your site, you definitely need an SSL certificate. Visitors who have the assurance that their information is safeguarded are more likely to keep coming back.
- Entice more shoppers. 40 per cent of people worry about online security issues when shopping online. Most of today’s internet-savvy buyers will easily abandon a shopping cart if they don’t trust a website. The SSL padlock symbol encourages them to browse your site and buy from you.
- Drive up sales. In the retail industry, trust means everything, and it is a big driver of sales. You can appear trustworthy when you use a good web host to maximize website speed and uptime; use a reputable payments processor to effectively secure your customers’ data; and mandatorily use SSL as part of your website security arsenal. Though a top-quality eShop provider will offer all the certifications that online shoppers usually look for, it is best to have your own SSL in place.
- Keep your own information safe. SSL encrypts data when sending as well as receiving it. That means the information you send to website visitors, whether it is a voucher, promotional code, holiday message or newsletter, will be secure and uncompromised.
- Helps with search engine optimization. Google has confirmed that HTTPS is good for SEO. Google described HTTPS as having a “very lightweight” signal affecting very few searches. But over time, they may decide to strengthen it, because Google like to encourage all website owners to switch from HTTP to HTTPS to keep everyone safe on the web.
What are your options in SSL certificates?
Extended Validation (EV) SSL Certificates
Does your website require customers to enter credit card or other high value information? Then, you need to quickly show them proof of your web site’s identity and encryption, which can help establish trust and generate more transactions of higher value.
The EV SSL certificate shows up in the https in the web address and a closed padlock icon indicates an encrypted session. Additionally, the browser address bar turns green. Your company’s name and the name of the certificate authority that authenticated the information appears next to the web address.
Organization Validation (OV) SSL Certificates
The Certification Authority conducts a basic vetting, and checks if you have the legal right to use a specific domain. The check is not as thorough as it is in the case of the EV SSL certificate.
Information about your business is also available to the customers when they check the certification details.
Domain Validation (DV) SSL Certificates
The Certification Authority only checks your company’s right to use the specific domain and doesn’t vet your business for issuance.
Tips to determine which SSL certificate would suit your ecommerce site
If your business generates a low volume of traffic, then an entry-level Domain Validation Certificate would suffice. It will do an adequate job of generating credibility to your site and brand. This level of protection keeps the login and password details of your customers safe by securing your site against malware.
The certificate is available at lower price points and issued quickly. However, note that it is a low value certificate. If you will be procuring sensitive customer information, it is advisable to buy an SSL Certificate that does more than just provide organizational validation.
If you’ve just set up shop and expect a decent volume of visitors, but cannot afford to spend big bucks on an SSL certificate for your optimized website, you can consider the Organization Validation (OV) Certificate. It will assure customers about the safety of their sensitive information like credit card, bank account or PayPal details.
EV SSL offers the highest level of protection, but it is a very expensive certificate. As a small business owner with a modest budget, you may not be in a position to afford the rather high price of this certificate.
It is usually used by medium and large enterprises; however, as it is the gold standard in SSL, you can invest in one if you want to deliver peace of mind to customers. It is a good option if you expect to scale up quickly or generate high sales volumes.
Don’t let less than optimal security stand in the way of customer trust and positive word-of-mouth! For more information on the best SSL certificates, check out our reviews here.
Not all Certificate Authorities (CAs) are trustworthy
Web browsers trusts SSL certificates from Certificate Authorities, who are obliged to follow appropriate validation guidelines before issuing them. Using a rogue certificate, a criminal or a government can act as an intermediary between a website and its user, intercepting communications without the knowledge of the user.
Rogue digital certificates have increased in recent years. In 2011, it was discovered that Dutch CA Diginotar servers had been compromised, resulting in the issuance of fraudulent certificates. Among the rogue Google certificates were those that the Iranian government had used to spy on political opponents.
Google has stepped up efforts to tackle rogue certificates by launching the Certificate Transparency program. Under this initiative, users and browsers from all over the world will collaborate to develop a near-real time index of all the certificates seen in the wild, to increase the likelihood of rogue certs being detected. Get more information on Google’s initiative here.